It’s not only a matter of making technology accessible to all through the tools made available, but also of guaranteeing its secure use. And it is with the aim of ensuring secure management of your sensitive content, in compliance with European regulations, that we strive to obtain the qualifications and certifications attesting to the highest level of IT security.
The SecNumCloud qualification
It is a qualification given by the ANSSI, the French National Agency for Information Systems Security. This qualification attests to the highest level of computer security.
The reference framework for cloud computing service providers, more commonly known as cloud providers, is a set of rules that must be followed by these same providers wishing to obtain a qualification for their offers in this field. It covers requirements related to the provider, its staff and the conduct of its services.
This qualification can be issued to cloud providers of the SaaS (Software as a Service), PaaS (Platform as a Service) and IaaS (Infrastructure as a Service) types.
In January 2019, oodrive became the first SecNumCloud qualified player. We managed to obtain this ANSSI Security Visa for all our private cloud offerings. This recognition is the culmination of our quality and security approach undertaken for many years now.
The RGS** qualification
This is the General Security Reference System (RGS). It is a regulatory framework for building trust and security in exchanges within the administration and with citizens.
This security standard is specifically required for information systems implemented by administrative authorities in their relations with each other and with their users. This reference framework integrates the principles and rules related to :
- The description of the stages of compliance ;
- Cryptology and protection of electronic exchanges ;
- The management of registration and receipt acknowledgements;
- Qualification of security products and trust service providers ;
- Validation of certificates by the State.
We are RGS** qualified. This compliance with the General Security Reference System attests to our positioning as a trusted player and partner. Reinforced by our other qualifications and certifications, this recognition is part of our approach which places security and trust as essential conditions for your freedom of action.
The eIDAS qualification
The eIDAS regulation sets out requirements for mutual awareness of electronic identification and electronic signature for exchanges between public sector bodies and their users. Essentially devoted to electronic identification and trust services, the eIDAS regulation also deals with electronic documents by giving them legal effect.
As part of our ongoing efforts to provide you with this trusted digital ecosystem, we are in compliance with the European eIDAS regulation. This allows us to be recognized as a trustworthy provider of qualified solutions with a real legal value.
The ISO 27001 certification
It is the international standard for information security management systems. This standard is a pioneer in the field of IT security. ISO 27001 certification is essential for reducing threats to your most sensitive assets and is an ideal response for cloud providers to customer requirements and legal constraints such as the RGPD. Similarly, this certification is a qualified response against potential security threats such as :
- Data breaches
Our ISO 27001 certification attests to our good practices in terms of protection and security for your data management. The certified perimeter concerns our infrastructures, our employees and our software.
The HDS certification
The Health Data Hosting certification is mandatory to justify the hosting and outsourcing of services and applications containing identifiable and personal health data. This certification aims to guarantee the quality of service provided by health data hosts. The covid-19 health crisis has highlighted the increased need to secure health data. Oodrive is positioned as a certified and trusted player in the management of health data.